Glossary
Last updated:2026-01-07 10:35:41
To make full use of SMH, you need to understand some relevant basic concepts and terms.
Bucket
A Bucket refers to the storage space in COS used for storing objects.
In SMH, a bucket can store multiple objects. The bucket name is formed by connecting a user-defined string and a system-generated numeric string with a hyphen to ensure global uniqueness of the bucket.
In CI, CI is a data processing platform based on COS. You need to bind or create a COS bucket to use CI-related features. A bucket can store multiple objects. The bucket name is formed by connecting a user-defined string and a system-generated numeric string with a hyphen to ensure global uniqueness of the bucket. For more details, see Bucket Overview.
Access Token
The access token is generated by calling the Generate Access Token API on the server side, where the LibraryId and LibrarySecret must be specified. Since the LibrarySecret must be kept confidential and cannot be stored or used on the client side, calling the Generate Access Token API on the client side is not allowed.
Access tokens must be passed to verify access legitimacy, except when media libraries are operated, APIs related to the access token itself are called, or read interfaces are invoked when a media library or Tenant Space is set to public read.
When generating an access token, you need to specify the granted permissions and can also set other parameters. For detailed instructions on generating an access token, see Generate Access Token API Documentation.
Client Identification
If your products and services allow users to log in simultaneously on multiple devices, users may need to manage login statuses on other devices to prevent identity theft when devices are lost. In this case, the backend of your products and services must record the device names (or other identifiers) of all logged-in clients, enabling users to identify specific devices and delete login statuses of lost devices. SMH also allows you to specify client identification when generating access tokens. When users need to delete login statuses of specific clients, they can delete corresponding access tokens accordingly to protect user identities and data.
LibraryId
that is, LibraryId, which is used to uniquely identify a media library, is automatically generated when a media library is created and must be specified when any API is called.
Media Library
A media library is the largest top-level unit division in SMH, with each media library being completely independent. Each media library must have an underlying COS bucket bound under the same root account. All file contents in the media library are stored under specific prefixes (directories) within the bound bucket. You need to create media libraries in the SMH console while simultaneously binding buckets. When binding a bucket, you must also specify Tencent Cloud keys (SecretId and SecretKey) to access the storage. Different media libraries can bind to the same bucket without causing file overwriting or interference between them.
Operations requiring Tencent Cloud account login to the console are limited to creating, deleting, and modifying certain settings of media libraries. All other operations utilize SMH's authentication and authorization mechanisms, implemented by calling APIs, and do not require possessing or using a Tencent Cloud account.
LibrarySecret
that is, LibrarySecret, which is required when APIs related to access tokens are called to verify the caller's legitimacy. It is automatically generated upon media library creation. This parameter must be kept confidential and should only be stored and used on the server side, not on the client side.
SecretKey
SecretId and SecretKey are collectively referred to as TencentCloud API keys, which are security credentials required for user authentication when Tencent Cloud APIs are accessed. SecretKey is the key used to encrypt signature strings and verify signature strings on the server side. One APPID can create multiple TencentCloud API keys.
SecretId
SecretId and SecretKey are collectively referred to as TencentCloud API keys, which are security credentials required for user authentication when Tencent Cloud APIs are accessed. SecretId is used to identify API callers. One APPID can create multiple TencentCloud API keys.
Photo Album
When creating a media library (single tenant) or a Tenant Space via API (multi-tenant), you can specify whether to enable the Multi-Album Mode. If the Multi-Album Mode is enabled, albums must be created first—media resources like photos and videos can only be uploaded to albums and cannot be directly uploaded to the Tenant Space. Albums do not support hierarchies, meaning sub-albums cannot be created within albums. If Multi-Album Mode is not enabled, album creation is prohibited, and media resources must be uploaded directly under the Tenant Space.
Whether to enable Multi-Album Mode can only be set when a media library or Tenant Space is created and cannot be modified after creation. Album names must be unique within the same Tenant Space.
User Identification
SMH does not have the concept of users, nor does it host user information of your products and services. However, when using access tokens to call related APIs, you may want to record and identify the operators of relevant operations, such as album creators and media resource uploaders. Therefore, you can pass in user identification when generating access tokens. This user identification can be an ID or username from your existing user system in your products and services, or an openid from WeChat Mini Programs, and so on. When needed, you can perform further operations based on this yourself.
If administrator permissions are requested when an access token is generated without specifying user identification, a user identification can be temporarily specified when the access token is used to call other APIs. This allows you to invoke APIs as a specific user on the server side without needing to regenerate access tokens.
Tenant Space
Your products and services may need to dynamically create isolated storage spaces, such as independent sections or articles, or for each end-user of the product. This can be achieved by creating a media library in "Multi-Tenant Mode." Within a multi-tenant media library, you can dynamically create, delete, and modify these isolated Tenant Spaces via API. When managing files within these Tenant Spaces, you can use either tenant-specific access tokens or high-privilege access tokens that are not restricted to any particular Tenant Space, catering to different management requirements.
When creating a media library, you can choose whether to enable Multi-Tenant Mode. This attribute cannot be modified after the media library is created. If Multi-Tenant Mode is not enabled, it operates in Single-Tenant Mode, where the entire media library can be considered as one Tenant Space.
Was this page helpful?
You can also Contact Sales or Submit a Ticket for help.
Yes
No
Feedback